Fix auto user creation for OIDC auth
parent
08b351e6e4
commit
bc1586761d
|
@ -189,23 +189,34 @@ export const save = async (
|
|||
const tenantId = tenancy.getTenantId()
|
||||
const db = tenancy.getGlobalDB()
|
||||
let { email, _id } = user
|
||||
if (!email && !_id) {
|
||||
throw new Error("_id or email is required")
|
||||
}
|
||||
|
||||
let dbUser: User | undefined
|
||||
if (_id) {
|
||||
// try to get existing user from db
|
||||
dbUser = (await db.get(_id)) as User
|
||||
if (email && dbUser.email !== email) {
|
||||
throw "Email address cannot be changed"
|
||||
try {
|
||||
dbUser = (await db.get(_id)) as User
|
||||
if (email && dbUser.email !== email) {
|
||||
throw "Email address cannot be changed"
|
||||
}
|
||||
email = dbUser.email
|
||||
} catch (e: any) {
|
||||
if (e.status === 404) {
|
||||
// do nothing, save this new user with the id specified - required for SSO auth
|
||||
} else {
|
||||
throw e
|
||||
}
|
||||
}
|
||||
email = dbUser.email
|
||||
} else if (email) {
|
||||
}
|
||||
|
||||
if (!dbUser && email) {
|
||||
// no id was specified - load from email instead
|
||||
dbUser = await usersCore.getGlobalUserByEmail(email)
|
||||
if (dbUser && dbUser._id !== _id) {
|
||||
throw `Unavailable`
|
||||
}
|
||||
} else {
|
||||
throw new Error("_id or email is required")
|
||||
}
|
||||
|
||||
await validateUniqueUser(email, tenantId)
|
||||
|
|
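Review bot: When `_id` is supplied without `email` and `db.get(_id)` returns 404, the new catch branch falls through with `email` still undefined, so `validateUniqueUser(email, tenantId)` is called with no email and the record appears to be saved without one. The opening guard only requires one of the two fields, and the unguarded `db.get` on the old side would have let the 404 propagate. Requiring the email on the creation path closes this, for example inside the 404 branch: `if (!email) throw new Error("email is required to create a user")`. The same branch lets the caller pick the `_id` of a new user, which the comment ties to SSO. If `save` can also be reached with an `_id` taken from a request body (not visible here), that path should be restricted to the SSO caller. The body of `save` starts and ends outside this hunk.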